Privacy Policy

Last Updated: June 2, 2026

At Harmony, we believe that having a safe space to share our thoughts and feelings — a place where we feel comfortable — is crucial to emotional healing, personal development, and our well-beings. We seek to support those goals by only using the data necessary for Harmony's core functionality, being transparent about what we collect and why, and taking appropriate measures to protect and secure your data.

Below, we outline what data we collect, how we use it, who we share it with, and your rights as a user.

1. Information We Collect

Basic account info — Your name and email address, provided at the time of registration (e.g., via Google login).

Optional profile information — We optionally collect profile information such as date of birth, gender, country, sexual orientation, religious identity, and therapy experience in order to personalize sessions.

Conversation history — We store your sessions so you can access your conversation history.

Technical metadata — We may receive metadata such as your browser type or device info (through services like Clerk) to help us debug technical issues and ensure the app functions properly.

Google Calendar data — If you choose to connect your Google Calendar, we request access to view your calendar list and create or modify events. We use this data solely to add therapy session events to your chosen calendar when you schedule a topic to explore. We do not read, store, or analyze your existing calendar events. You can disconnect Google Calendar at any time in your account settings, and we will immediately stop accessing your calendar data. Google Calendar integration is entirely optional and is not required to use Harmony.

2. How We Use Your Data

We use your data to:

Store, retrieve, and give you access to your conversation history
Remember your setting preferences (like manual mode, mic settings, etc.)
Keep you signed in across different sessions and allow access from multiple devices
Create calendar events for scheduled sessions on your connected Google Calendar (only if you opt in)

We do not and will never sell your personal data.

We share data only in the limited ways needed to operate Harmony and provide its AI-powered features, including with:

Technical services – for authentication, hosting, database storage, payments, and email. These services help provide basic Harmony platform functionality and do not access your session logs except where technically necessary to store and secure your data.
AI intelligence providers (Anthropic, OpenAI, and Google Gemini) – for Harmony's AI-powered features, including session conversations, post-session reflections, journal understandings, summaries, and other intelligence features. Your messages and related session content are sent to these providers only as needed to generate those features. These providers do not use any of your session content to train their models, and Harmony does not train models on your session content either.
Analytics tools – to understand basic usage patterns, such as weekly active users, signups, referrals, and membership/subscription data. Analytics tools do not read or analyze your session transcripts.
Google Calendar (Google LLC) – to create and manage session events on your calendar if you choose to connect your Google account. We only write events you explicitly schedule and do not access or store your existing calendar data.

4. Your Rights

You have the right to:

Delete your account and all associated Harmony app data (session logs, images, etc.) immediately at any time
Contact us with questions about your data or privacy

Account deletion is handled in-app by clicking your profile button (top right on Home page), then Manage account → Security → Delete account. For additional privacy questions, you can contact us at team@harmonyappai.com.

5. Data Storage and Security

We use Supabase, a secure and widely trusted cloud infrastructure provider, to store and protect your data. Supabase uses encryption to protect data at rest and in transit, and access is restricted to authorized personnel only. All data transmitted between you and our services is secured using strong encryption protocols. This includes the use of HTTPS and WebSocket Secure (WSS), which ensure that your data remains private and integral throughout the transmission process. We follow industry best practices to ensure that your data remains safe and confidential.

6. Changes to This Policy